<?php
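/**
 * Group management for the current team: creating groups, adding and removing
 * members, listing groups and assigning a permission set to a group.
 *
 * Each mutating method reads its input straight from $_POST and only runs when
 * its own submit button is present. The matching getError*() method echoes the
 * validation messages recorded by that run.
 *
 * Security notes for maintainers:
 *  - All queries use the legacy ext/mysql API (mysql_query and friends), which
 *    has no bound parameters and was removed in PHP 7.0. Until this class is
 *    ported to PDO or mysqli prepared statements, every value placed in a
 *    statement must be passed through mysql_real_escape_string() and quoted,
 *    and identifiers (column names) must be validated, never escaped.
 *  - Group ids arrive from the client, so every method that acts on a group
 *    first confirms that the group belongs to the team stored in the session.
 *  - NOTE(review): no anti-CSRF token check and no "may this member manage
 *    groups" check is visible in this class; presumably the including page
 *    does both - confirm.
 *  - NOTE(review): posted member ids are not checked against the current
 *    team's member list (that table is not referenced here) - confirm the
 *    caller restricts them.
 *
 * @author fantastik78
 */
class Manage {

    // createGroup(): missing group name / no member selected / a selected
    // member already belongs to a group.
    private $e_name_group = false;
    private $e_members_group = false;
    private $e_member_alrdy_exist = false;

    // addMemberGroup(): no usable group selected / no member selected.
    private $e_group_exist = false;
    private $e_no_member = false;

    // delMemberGroup(): no member selected.
    private $e_no_member_del = false;

    // setPermission(): attempt to change the "Administrateur" group.
    private $e_permit_admin = false;

    /**
     * Returns a posted field as a string, or '' when it is missing or is not
     * a scalar (PHP turns "field[]=x" into an array).
     */
    private function postedString($field){
        if(!isset($_POST[$field]) || !is_scalar($_POST[$field])){
            return '';
        }
        return (string) $_POST[$field];
    }

    /**
     * Returns the non-empty scalar entries of a posted array field as strings;
     * an empty array when the field is missing or is not an array.
     */
    private function postedIdList($field){
        $ids = array();
        if(!isset($_POST[$field]) || !is_array($_POST[$field])){
            return $ids;
        }
        foreach($_POST[$field] as $value){
            if(is_scalar($value) && trim((string) $value) !== ''){
                $ids[] = (string) $value;
            }
        }
        return $ids;
    }

    /**
     * Returns the session's team id escaped for use inside a quoted SQL value.
     * Session data is server-side, but it is escaped anyway so that no query
     * in this class depends on how the session was filled.
     */
    private function sessionTeamSql(){
        if(!isset($_SESSION['member_session']['team'])){
            return '';
        }
        return mysql_real_escape_string((string) $_SESSION['member_session']['team']);
    }

    /**
     * Runs a query and returns its first row, or false when the query fails
     * or matches nothing. Failures are logged without the statement text so
     * that posted values do not end up in the log.
     */
    private function fetchRow($sql){
        $result = mysql_query($sql);
        if($result === false){
            error_log('Manage: query failed');
            return false;
        }
        $row = mysql_fetch_array($result);
        return $row ? $row : false;
    }

    /**
     * Returns the name of a group of the current team, or false when the id
     * does not designate a group of that team.
     *
     * @param string $groupIdSql group id, already escaped
     */
    private function teamGroupName($groupIdSql){
        $row = $this->fetchRow("SELECT name_group FROM team_group WHERE id='" . $groupIdSql . "' AND team_id='" . $this->sessionTeamSql() . "'");
        return $row ? $row['name_group'] : false;
    }

    /**
     * Inserts one member_group row per member id.
     *
     * @param string $groupIdSql   group id, already escaped
     * @param array  $memberIdsSql member ids, already escaped
     */
    private function attachMembers($groupIdSql, array $memberIdsSql){
        foreach($memberIdsSql as $memberIdSql){
            mysql_query("INSERT INTO member_group (group_id, member_id) VALUES ('" . $groupIdSql . "', '" . $memberIdSql . "')");
        }
    }

    // Echo the errors recorded by createGroup()
    public function getErrorsCreateGroup(){
        if(!isset($_POST['btn_create_grp'])){
            return;
        }
        if($this->e_members_group){ echo "Il doit y avoir au moins un membre dans votre groupe." ;}
        if($this->e_name_group){ echo "Un nom de groupe doit être spécifié." ;}
        if($this->e_member_alrdy_exist){ echo "Un ou plusieurs membres font déjà parti d'un groupe, le groupe n'a donc pas été créer.";}
    }

    /**
     * Creates a group in the current team from $_POST['name_group'] and
     * attaches the members listed in $_POST['group'].
     *
     * Nothing is written when the name is blank, when no member is selected,
     * or when any selected member already has a member_group row. The last
     * rule follows the error message; the previous code collected the lookup
     * results but then tested only whether the list was non-empty, so the
     * group was always created.
     */
    public function createGroup(){
        if(!isset($_POST['btn_create_grp'])){
            return;
        }

        // Validate before touching the database layer.
        $name = $this->postedString('name_group');
        if(trim($name) === ''){
            $this->e_name_group = true;
            return;
        }
        $memberIds = $this->postedIdList('group');
        if(count($memberIds) === 0){
            $this->e_members_group = true;
            return;
        }

        $nameSql = mysql_real_escape_string($name);
        $memberIdsSql = array_map('mysql_real_escape_string', $memberIds);

        foreach($memberIdsSql as $memberIdSql){
            $row = $this->fetchRow("SELECT COUNT(*) as nb FROM member_group WHERE member_id='" . $memberIdSql . "'");
            if($row === false){
                // Lookup failed: do not create a group on unverified input.
                return;
            }
            if($row['nb'] != 0){
                $this->e_member_alrdy_exist = true;
                return;
            }
        }

        $created = mysql_query("INSERT INTO team_group (name_group, team_id) VALUES ('" . $nameSql . "', '" . $this->sessionTeamSql() . "')");
        if($created === false){
            error_log('Manage: group creation failed');
            return;
        }
        $groupId = (int) mysql_insert_id();
        if($groupId === 0){
            // No id generated: attaching members would write orphan rows.
            return;
        }
        $this->attachMembers((string) $groupId, $memberIdsSql);
    }

    // Echo the errors recorded by addMemberGroup()
    public function getErrorAddMemberGroup(){
        if(!isset($_POST['btn_add_mber'])){
            return;
        }
        if($this->e_no_member){ echo "Vous devez choisir au moins un membre pour l'ajout.";}
        if($this->e_group_exist){ echo "Vous devez selectionner un groupe pour l'ajout.";}
    }

    /**
     * Adds the members listed in $_POST['group'] to the group $_POST['id_group'].
     *
     * The previous code escaped the member list into one variable and then
     * looped over the raw $_POST array, so unescaped request data reached the
     * INSERT. The escaped list is now the only one used, and the group must
     * belong to the current team.
     */
    public function addMemberGroup(){
        if(!isset($_POST['btn_add_mber'])){
            return;
        }

        $groupId = $this->postedString('id_group');
        if(trim($groupId) === ''){
            $this->e_group_exist = true;
            return;
        }
        $memberIds = $this->postedIdList('group');
        if(count($memberIds) === 0){
            $this->e_no_member = true;
            return;
        }

        $groupIdSql = mysql_real_escape_string($groupId);
        if($this->teamGroupName($groupIdSql) === false){
            // Unknown group, or a group of another team.
            $this->e_group_exist = true;
            return;
        }
        $this->attachMembers($groupIdSql, array_map('mysql_real_escape_string', $memberIds));
    }

    // Echo the errors recorded by delMemberGroup()
    public function getErrorsDeLMemberGroup(){
        if(!isset($_POST['btn_del_mber'])){
            return;
        }
        if ($this->e_no_member_del) { echo "Vous devez selectionner au moins un membre pour la suppression.";}
    }

    /**
     * Removes the members listed in $_POST['group'] from the group
     * $_POST['id_group'], provided that group belongs to the current team.
     *
     * NOTE(review): the previous code compared the posted member list with
     * the string "Administrateur", which can never match an array, so members
     * of the "Administrateur" group were never protected here and the else
     * branch was empty. No rule is enforced in its place; confirm what was
     * intended before adding one.
     */
    public function delMemberGroup(){
        if(!isset($_POST['btn_del_mber'])){
            return;
        }

        $memberIds = $this->postedIdList('group');
        if(count($memberIds) === 0){
            $this->e_no_member_del = true;
            return;
        }

        $groupIdSql = mysql_real_escape_string($this->postedString('id_group'));
        if($this->teamGroupName($groupIdSql) === false){
            // Unknown group, or a group of another team: nothing to delete.
            return;
        }
        foreach(array_map('mysql_real_escape_string', $memberIds) as $memberIdSql){
            mysql_query("DELETE FROM member_group WHERE group_id='" . $groupIdSql . "' AND member_id='" . $memberIdSql . "'");
        }
    }

    /**
     * Lists the groups of the current team.
     *
     * @return array|null group id => group name, or null when the team has no
     *                    group or the query fails
     */
    public function listingGroup(){
        $result = mysql_query("SELECT * FROM team_group WHERE team_id='" . $this->sessionTeamSql() . "'");
        if($result === false || mysql_num_rows($result) < 1){
            return null;
        }
        $groups = array();
        while($row = mysql_fetch_array($result)){
            $groups[$row['id']] = $row['name_group'];
        }
        return $groups;
    }

    // Echo the errors recorded by setPermission()
    public function getErrorPermission(){
        if(!isset($_POST['btn_permission'])){
            return;
        }
        if($this->e_permit_admin){ echo "Vous ne pouvez pas modifier les permissions du groupe \"Administrateur\"";}
    }

    /**
     * Assigns a permission set to the group $_POST['group_name'].
     *
     * Each posted page array ($_POST['todo']['add'], ...) grants the actions
     * whose keys are present. The resulting 0/1 vector is looked up in
     * group_right; a matching row is reused, otherwise one is inserted, and
     * the group's right_id is pointed at it.
     *
     * The group id used to be interpolated into three statements without
     * escaping and without a team filter. It is now escaped, and a group that
     * is not part of the current team is left untouched. The lookup no longer
     * mixes COUNT(*) with a non-aggregated id column; it reads the id of the
     * first matching row instead.
     */
    public function setPermission(){
        if(!isset($_POST['btn_permission'])){
            return;
        }

        $groupIdSql = mysql_real_escape_string($this->postedString('group_name'));
        $groupName = $this->teamGroupName($groupIdSql);
        if($groupName === false){
            // Unknown group, or a group of another team.
            return;
        }
        if($groupName == 'Administrateur'){
            $this->e_permit_admin = true;
            return;
        }

        // group_right column => (posted page key, action key), in table order.
        $columns = array(
            'dashbd_add'   => array('dashb', 'add'),
            'todo_add'     => array('todo', 'add'),
            'todo_edit'    => array('todo', 'edit'),
            'todo_del'     => array('todo', 'del'),
            'ideabox_read' => array('ideabox', 'read'),
            'ideabox_add'  => array('ideabox', 'add'),
            'ideabox_edit' => array('ideabox', 'edit'),
            'ideabox_del'  => array('ideabox', 'del'),
            'files_read'   => array('file', 'read'),
            'files_add'    => array('file', 'add'),
            'files_edit'   => array('file', 'edit'),
            'files_del'    => array('file', 'del'),
            'files_dl'     => array('file', 'dl'),
            'files_ul'     => array('file', 'ul'),
            'msg_read'     => array('msg', 'read'),
            'msg_add'      => array('msg', 'add'),
            'msg_edit'     => array('msg', 'edit'),
            'msg_del'      => array('msg', 'del'),
        );

        // Only the constants 0 and 1 ever reach the statements below; posted
        // keys and values are tested for presence, never copied into SQL.
        $conditions = array();
        $values = array();
        foreach($columns as $column => $source){
            $page = $source[0];
            $action = $source[1];
            $granted = (isset($_POST[$page]) && is_array($_POST[$page]) && array_key_exists($action, $_POST[$page])) ? 1 : 0;
            $conditions[] = $column . "='" . $granted . "'";
            $values[] = "'" . $granted . "'";
        }

        $existing = $this->fetchRow("SELECT id FROM group_right WHERE " . implode(' AND ', $conditions) . " LIMIT 1");
        if($existing !== false){
            $rightId = (int) $existing['id'];
        }else{
            $inserted = mysql_query("INSERT INTO group_right (" . implode(', ', array_keys($columns)) . ") VALUES (" . implode(',', $values) . ")");
            if($inserted === false){
                error_log('Manage: permission set creation failed');
                return;
            }
            $rightId = (int) mysql_insert_id();
        }

        mysql_query("UPDATE team_group SET right_id='" . $rightId . "' WHERE id='" . $groupIdSql . "' AND team_id='" . $this->sessionTeamSql() . "'");
    }

    /**
     * Tells whether the logged-in member holds the right "<page>_<action>".
     *
     * The right name is used as a column name of group_right, and escaping
     * does not make an identifier safe. Anything that is not a plain
     * identifier is therefore refused before any query is built.
     *
     * As before, when the member belongs to several groups the group returned
     * last by the database decides. NOTE(review): that order is unspecified;
     * confirm whether the rights of all groups should be combined instead.
     *
     * @param string $page   page prefix of the column (e.g. "todo")
     * @param string $action action suffix of the column (e.g. "add")
     * @return mixed the stored column value, or 0 when the right is not held
     *               or cannot be determined
     */
    public function hasPermit($page, $action){
        $right = $page."_".$action;
        if(!preg_match('/^[A-Za-z0-9_]+$/', $right)){
            return 0;
        }
        if(!isset($_SESSION['member_session']['id'])){
            return 0;
        }

        $memberIdSql = mysql_real_escape_string((string) $_SESSION['member_session']['id']);
        $teamSql = $this->sessionTeamSql();

        $groups = mysql_query("SELECT group_id FROM member_group WHERE member_id='" . $memberIdSql . "'");
        if($groups === false){
            return 0;
        }

        $rightId = 0;
        while($group = mysql_fetch_array($groups)){
            $row = $this->fetchRow("SELECT right_id FROM team_group WHERE id='" . mysql_real_escape_string((string) $group['group_id']) . "' AND team_id='" . $teamSql . "'");
            // A group outside the current team, or without rights, counts as 0.
            $rightId = $row ? (int) $row['right_id'] : 0;
        }
        if($rightId === 0){
            return 0;
        }

        $row = $this->fetchRow("SELECT `" . $right . "` FROM group_right WHERE id='" . $rightId . "'");
        return $row ? $row[$right] : 0;
    }
}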
?>

